Wednesday, 12 March 2014

Php Session

What is a session?
A session is basically a way of storing variables and making them available across multiple pages on your web site. 
We use the PHP super global $_SESSION to hold it.

Eg: $_SESSION['variable'] 
<?php
// begin the session
session_start(); 
// set the value of the session variable
$_SESSION['hello']='sudhir'
?>
We can retriew this value on another page by this
<?php 
// begin our session
session_start(); 

// echo the session variable
echo 'The value of hello is '.$_SESSION['hello']
?>

What should I do to destroy a whole session?
This is often used to log out of applications that store the login information in a session.
 You can use the code below to destroy your session completely.
<?php
// Begin the session
session_start();                        
// Unset all of the session variables.
session_unset();
// Destroy the session.
session_destroy();
?>
Can I store an array in a session?
<?php
// begin the session
session_start();                                      
// create an array
$my_array=array('cat''dog''mouse''bird''crocodile''wombat''koala''kangaroo');

// put the array in a session variable
$_SESSION['animals']=$my_array;


foreach($_SESSION['animals'] as $key=>$value)
    {
    // and print out the values
    echo 'The value of $_SESSION['."'".$key."'".'] is '."'".$value."'".' <br />';
    }

?>
Can I store an object in a session
Yes, using the following code we can include our class file as we would for any class.
 In page1.php we will instantiate a new object and put it in a session variable. 
Lets us create a simple class file to include in our page1 and page2 scripts,
 we shall call it myclass.php
<?php
// our class
class mySessionClass{
                                                                                                                       
// The constructor, duh!
function __construct(){
}
                                                                                                                       
// a function to set a property
function bar(){
  return 'foo';
}
                                                                                                                       
// end of class
?>
In page1.php we include the class file and instantiate a new instance of the class directly into a session variable.
<?php
// include the class file
include('myclass.php');

// begin the session
session_start();

// instantiate a new instance of the class mySessionClass
$_SESSION['foo']= new mySessionClass
                                                                                                                       
// echo a little message to say it is done
echo 'Setting value of foo to an object';
?>
Now we have the object in a session variable, we can go on to page2.php and use methods from mySessionClass.
<?php

// include the class file
include('myclass.php');

// begin the session
session_start();
                                                                                                                       
echo $_SESSION['foo']->bar();
?>
Important Note: You MUST include the class definition on *every page* when you store an object

Can I store a function in a session?

<?php
// begin our session
session_start();
// set a session variable containing a function
$_SESSION['foo'] = '
<?php 
function foo(){
echo "I am stored in a session function named foo";}
?>';

?>
<?php

  // begin our session
  session_start();

  // evaluate the code within the session variable
  eval('?>'.$_SESSION['foo']);

 // run our stored function
 foo();

?>

When do sessions expire?
The default behaviour for sessions is to keep a session open indefinitely and 
only to expire a session when the browser is closed. 
This behaviour can be changed in the php.ini file by altering the line
session.cookie_lifetime = 0
to a value in seconds. If you wanted the session to finish in 5 minutes you would set this to
session.cookie_lifetime = 300
and restart your httpd server.



Cookie

A cookie can keep information in the user's browser until deleted. If a person has a login and password, this can be set as a cookie in their browser so they do not have to re-login to your website every time they visit. You can store almost anything in a browser cookie.

The setcookie() function is used to set a cookie.

Syntax
setcookie(name, value, expire, path, domain);
<?php
$value 
'something from somewhere';

setcookie("TestCookie"$value);
setcookie("TestCookie"$valuetime()+3600);  /* expire in 1 hour */
setcookie("TestCookie"$valuetime()+3600"/~rasmus/""example.com"1
);
?>
<?php
// Print an individual cookie
echo $_COOKIE["TestCookie"];
echo 
$HTTP_COOKIE_VARS["TestCookie"];

// Another way to debug/test is to view all cookies
print_r($_COOKIE);
?>
 
Difference between session & Cookies

The main difference between a session and a cookie is that session data is stored on the server, whereas cookies store data in the visitor’s browser. Sessions use a session identifier to locate a particular user’s session data. This session identifier is normally stored in the user’s web browser in a cookie, but the sensitive data that needs to be more secure — like the user’s ID, name, etc. — will always stay on the server. Session are secure then cookies.

In PHP there are two way to propagate a session id:

1.Cookies
2.URL parameter

Note: If the run-time option session.use_trans_sid is enabled, relative URIs will be changed to contain the session id automatically.

PHP sessions can also work without cookies in case cookies are disabled or rejected by the browser

PHP has a built-in mechanism called transparent session ids, which automagically rewrites all links to contain the session id in a query parameter. I would not suggest using it, since session ids in the URL open up a whole new can of worms.

How PHP sessions work without cookies

1. PHP will automatically add a hidden input tag with the name PHPSESSID right after the <form> tag.
The value of that hidden input tag would be whatever value PHP assigns your session ID.
<input type="hidden" value="<?php echo (session_id());?>" name="session_id">

2. PHP will find all the links in your HTML code, and will modify those links 
<?php $_COOKIE[$_POST['session_name']]=$_POST['session_id'];?>

<a href="play3.php?session_id=<?php echo (session_id());?>">go to next page</>
 

0 comments:

Post a Comment